Arapahoe County has caught one attempted cyberattack stemming from the coronavirus pandemic, the county’s information technology director said on Wednesday.
“We’ve worked hard to educate employees for one, to be careful and to be vigilant,” said David Bessen, who heads the IT department. “And number two, when they make a mistake — which is human — how to respond very quickly so we can contain it and not compromise any data.”
Bessen said that on Tuesday, an employee clicked on what Bessen believed to be a purported map of the coronavirus spread internationally from the Centers for Disease Control and Prevention. The map, however, was malware, and was not the genuine CDC map, which is safe to view.
“It apparently can install malware very quickly on your computer, and then I don’t know what that malware does next. My guess is it probably raids any contact lists that you have,” he said.
Arapahoe County, like other jurisdictions, has closed its facilities to the public until late March in order to prevent the transmission of COVID-19 coronavirus. The county has approximately 2,700 computers, 52% of which are laptops. Its 2,100 employees who require computers are either working remotely on a county-issued laptop or working on their personal computer using a program called Citrix. Citrix shows users a screen of the county’s server, such that the user is only working with an image and not a government computer.
Fraudulent or malicious activity can take multiple forms in a pandemic. ABC News reported this week of a cyberattack at the U.S. Department of Health and Human Services that may have sought to paralyze networks or find vulnerabilities. Last week, Attorney General Phil Weiser cautioned consumers to be alert for scams or fraudulent offerings from people taking advantage of interest in the coronavirus. Bessen said that he did not report the attempted cyberattack to state authorities.
The nonprofit Center for Internet Security warned that those who are working from home should update their devices, use two-step authentication and configure their wireless network setting for secure usage.
Bessen added that the county typically catches such attacks within minutes. He sent an e-mail on Wednesday to employees advising them to take precautions against suspicious links or e-mail addresses. Bessen reported three help desk tickets on Wednesday morning from users who spied suspicious links.
There is a review of every incident, in which the county meets with the employee whose actions prompted the cyber response. “We just want to make sure that they knew what they did and they’ve responded correctly. We want to reinforce the behavior of contacting us if they do something,” Bessen said.
Correction: The original version of this article contained a typo in Phil Weiser's last name.